Date: Tue, 8 Sep 2009 11:52:39 -0300
From: Nahuel Grisolía <>
Subject: Re: John and RARs or ZIPs

Oh! Nice answer! Thanks a lot! Very educational for the list!


2009/9/8 RB <>

> On Tue, Sep 8, 2009 at 08:06, Nahuel Grisolía<> wrote:
> > Hey guys, I just want to know if anyone of you has ever coded something to
> > use John to crack the encryption used in RARs (AES128) or ZIPs (??).
>
> This is a class of query that comes up here quite often - "can JtR be
> used to crack X?"  The answer depends largely on the implementation,
> but is generally "no": JtR doesn't directly support specific file
> formats, it handles password hashes.
> In clarification (and simplified terms), you need to understand the
> difference between hashing and encryption.  Hashing is a one-way
> process by which a statistically unique small value is computationally
> derived from a [typically] larger data set.  The "one-way" part is
> critical: you cannot derive the original data from a hash, only repeat
> the process and confirm you have a precise copy.  Encryption is a
> bidirectional process by which data may be converted to and from an
> opaque form by use of a secret key.  In well-designed systems,
> passwords are stored in hashed form - you cannot derive the original
> data directly from the hash, but you may hash the data you have and
> compare the two.  What JtR does is create a list of potential
> passwords, hash them, and then compare them against a specified hash
> until it finds a match (or reaches the heat death of the universe),
> hence:
> John the Ripper does perform any decryption.
> I split that out because it's incredibly important to understanding
> the role of password "crackers".  Password crackers generally do not
> do any decryption, they only bumble along (some more intelligently and
> quickly than others) trying to make up something that matches the
> known hash.
> If a particular file format were to be so generous as to include a
> hash of the password, it would be possible to extract that hash and,
> if necessary, create a JtR handler for the hash form.  However, most
> encrypted formats aren't so poorly designed and will happily decrypt
> with whatever key they're given, forcing the attacker to evaluate
> whether the decrypted results are valid.  That evaluation is beyond
> the scope of an application such as JtR.
> > How can we know if the RAR or ZIP is really decrypted?
> The formats probably have internal checksums or well-known values that
> are checked post-decryption to allow validation of the key.
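
The distinction drawn in the quoted reply, as an added example that is not part of the original thread or of John the Ripper: a stored hash is checked by re-hashing and comparing, while an encrypted blob decrypts with any key and needs an internal checksum to tell a right key from a wrong one. The unsalted SHA-256, the toy XOR stream cipher, the CRC-32 trailer and all sample values are assumptions constructed for illustration; they are not the RAR or ZIP schemes.

```python
import hashlib
import zlib

def check_hash(candidate: bytes, stored_hash: bytes) -> bool:
    """Hash case: repeat the one-way process and compare. Nothing is decrypted."""
    return hashlib.sha256(candidate).digest() == stored_hash

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher (hypothetical, not RAR/ZIP); the same call encrypts and decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(password: bytes, plaintext: bytes) -> bytes:
    """Encrypt the plaintext followed by its CRC-32, standing in for an internal checksum."""
    return toy_cipher(password, plaintext + zlib.crc32(plaintext).to_bytes(4, "big"))

def open_sealed(candidate: bytes, blob: bytes):
    """Decryption never fails by itself; only the checksum shows whether the key was right."""
    out = toy_cipher(candidate, blob)
    body, crc = out[:-4], out[-4:]
    return body if zlib.crc32(body).to_bytes(4, "big") == crc else None

# Constructed sample data: a password, its stored hash, and a sealed blob.
PASSWORD = b"correct horse"
STORED_HASH = hashlib.sha256(PASSWORD).digest()
BLOB = seal(PASSWORD, b"constructed sample file contents")
CANDIDATES = [b"123456", b"letmein", b"correct horse"]

def first_match(check):
    """Return the first candidate accepted by the given check, or None."""
    return next((c for c in CANDIDATES if check(c)), None)

if __name__ == "__main__":
    print(first_match(lambda c: check_hash(c, STORED_HASH)))
    print(first_match(lambda c: open_sealed(c, BLOB) is not None))
    # A wrong key still produces output bytes; without the CRC it could not be rejected.
    print(toy_cipher(b"123456", BLOB)[:8])
```

A 32-bit checksum accepts a wrong key about once in 2^32 tries, so a check of this kind is probabilistic rather than exact.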
